The LDAP users have to be synchronized with the local users to enable authentication via LDAP and authorization via the database. Once LDAP authentication is successful, ConnectALL automatically synchronizes the user(s) to the database (including new users) and assigns them the user role. Click the cogwheel icon in the top right corner and select the LDAP settings option from the drop-down list.
The recommended LDAP configurations are given in the table below.
|1||AD URL||22.214.171.124:222||Actual LDAP IP and Port.|
|2||Base Domain||cn=admin,DC=example,dc=com||Configure the DN (distinguished name) of a user who has permission to access the LDAP directory. At minimum, read-only access is required.|
|3||Password||Password||Password for the above configured user.|
Configure the LDAP parameter that is to be synchronized with the database. The value migrated from LDAP to the database will be used for the ConnectALL login.
* Possible values: sAMAccountName/cn/uid, etc. (as configured in the user's LDAP server)
* Only one value can be configured. Multiple parameter configurations are not allowed.
|5||ConnectALL AD Login||yes/no||By default the value is set to "no". To enable LDAP authentication please set the parameter to "yes".|
|6||AD Object Class||person||Object class as defined in the LDAP server under which users are configured. During synchronization, the search for users starts under this objectClass in LDAP. Possible values: person/inetOrgPerson/etc.|
|7||AD Lookup during User field sync||Any valid LDAP filter query||If you would like to sync users from different LDAP member groups/OUs, configure the entire LDAP member group filter query here instead of configuring the parameter in ldap.objectClass. If there is no such requirement and only a single member group/OU is used, setting the ldap.objectClass property alone is enough, and this property can be set to the value "no".|
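The filter for setting 7 can be composed and sanity-checked before it is pasted into the settings page. The following is an added example, not part of the ConnectALL documentation: the function names are hypothetical, the group DNs are constructed, and it assumes the directory exposes group membership on user entries through the `memberOf` attribute (as Active Directory does).

```python
# Added example: build the filter for "AD Lookup during User field sync"
# from an object class and a list of group DNs.
# Assumption: user entries carry a `memberOf` attribute (true for AD).


def escape_filter_value(value: str) -> str:
    """Escape an assertion value per RFC 4515 so it cannot alter the filter."""
    out = []
    for ch in value:
        if ch in "\\*()\x00":
            out.append("\\%02x" % ord(ch))  # e.g. "(" becomes \28
        else:
            out.append(ch)
    return "".join(out)


def build_user_sync_filter(object_class: str, group_dns: list) -> str:
    """Match entries of object_class that belong to any of group_dns."""
    if not group_dns:
        raise ValueError("at least one group DN is required")
    cls = "(objectClass=%s)" % escape_filter_value(object_class)
    members = ["(memberOf=%s)" % escape_filter_value(dn) for dn in group_dns]
    # A single group needs no OR wrapper.
    group_part = members[0] if len(members) == 1 else "(|%s)" % "".join(members)
    return "(&%s%s)" % (cls, group_part)


def is_balanced(ldap_filter: str) -> bool:
    """Structural check: escaped values contain no raw parentheses,
    so every remaining '(' must be closed by a matching ')'."""
    depth = 0
    for ch in ldap_filter:
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
            if depth < 0:
                return False
    return depth == 0 and ldap_filter.startswith("(")


if __name__ == "__main__":
    # Constructed sample DNs; replace with the groups in your directory.
    groups = [
        "CN=Dev Team,OU=Groups,DC=example,DC=com",
        "CN=QA (EU),OU=Groups,DC=example,DC=com",
    ]
    flt = build_user_sync_filter("person", groups)
    print(flt, is_balanced(flt))
```

Keeping the object class clause inside the filter preserves the restriction that setting 6 would otherwise provide, so the sync does not pick up non-user entries that happen to be group members.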